It has been reported that the Police Federation of England and Wales (PFEW) has confirmed that it has been dealing with a ransomware attack on its computer systems. The PFEW was able to respond quickly to an alert from its cyber-security n Saturday 9th March, with cyber experts rapidly reacting to isolate the malware to stop it from spreading to PFEW branches.
“The attack on the Police Federation shows that anyone can become a victim of a ransomware attack. Based on available information, thePolice Federation has isolated the malware, which is a good step in preventing it spreading deeper into the network. To prevent these types of attacks, organisations should teach practise good cyber hygiene, and enable their organisation to avert social engineering attacks.”
/
Tim Erlin, VP of Product Management & Strategy at Tripwire:
“Every organization should have a plan in place for a successful ransomware attack. While prevention is preferred, the reality is that no security control is perfect. The key to responding to a ransomware attack is to detect quickly, limit the spread and restore systems back to a trusted state. Functional backups are key to recovery, but so is a clear understanding of how systems are configured. Finally, restoring from backups is only useful if you can close the attack vector that allowed the ransomware to gain a foothold in the first place.”
“Cyberattacks such as these are extremely unpredictable and ransomware remains a top security risk for businesses of all sizes. Unfortunately, it is very easy to perform certain types of attacks that lead to ransomware infections. The main risks of such security breaches are loss of confidential data – potentially client data or personal data, loss of productivity, loss of revenue, loss of reputation and now, following the implementation of GDPR, hefty fines on top of that. We know that the total cost of business downtime alone is usually 10 times greater than the ransom requested. So every business, no matter its size, needs to have a strategy in place to prepare for, deal with, and eliminate material risks that could lead to security breaches.
It is no longer sufficient to rely on basic prevention measures like firewalls, for example, to protect the business network. Alongside preventative measures such as regularly updating their antivirus solution, patching software and training employees to recognise security risks, companies should also implement a dedicated business continuity and disaster recovery (BCDR) solution. BCDR is the single most effective protection against security risks as it helps businesses minimise downtime caused by attacks, including everything from ransomware, crypto jacking, and spyware to trojan horses, worms, and rootkits.”
ISBuzz Team embodies the collaborative efforts of the dedicated staff at Information Security Buzz, converging a wide range of skills and viewpoints to present a unified, engaging voice in the information security realm. This entity isn't tied to a single individual; instead, it's a dynamic embodiment of a team diligently working behind the scenes to keep you updated and secure. When you read a post from ISBuzz Team, you're receiving the most relevant and actionable insights, curated and crafted by professionals tuned in to the pulse of the cybersecurity world. ISBuzz Team - your reliable compass in the fast-evolving landscape of information security
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional
Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes.The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.